{"uuid": "2860f536-e4bd-4758-b2fb-6ea34e754233", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28496", "type": "seen", "source": "https://infosec.exchange/users/AAKL/statuses/116800802356327413", "content": "New.\n\"Today VulnCheck is disclosing CVE-2026-28496, an unauthenticated remote code execution chain in FOSSBilling, the open-source billing and client-management platform.\"\nVulnCheck: CVE-2026-28496 - FOSSBilling Auth Bypass and Twig SSTI to Unauthenticated RCE https://www.vulncheck.com/blog/fossbilling-auth-bypass-ssti-rce @vulncheck #infosec #opensource #vulnerability", "creation_timestamp": "2026-06-23T18:20:14.295475Z"}